USN-5418-1: Linux kernel vulnerabilities
12 May 2022
Several security issues were fixed in the Linux kernel.
Releases
Packages
- linux - Linux kernel
- linux-aws - Linux kernel for Amazon Web Services (AWS) systems
- linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems
- linux-azure - Linux kernel for Microsoft Azure Cloud systems
- linux-azure-4.15 - Linux kernel for Microsoft Azure Cloud systems
- linux-dell300x - Linux kernel for Dell 300x platforms
- linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
- linux-gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe - Linux hardware enablement (HWE) kernel
- linux-kvm - Linux kernel for cloud environments
- linux-oracle - Linux kernel for Oracle Cloud systems
- linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors
Details
Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk,
Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre
Variant 2 mitigations for AMD processors on Linux were insufficient in some
situations. A local attacker could possibly use this to expose sensitive
information. (CVE-2021-26401)
Demi Marie Obenour and Simon Gaiser discovered that several Xen para-
virtualization device frontends did not properly restrict the access rights
of device backends. An attacker could possibly use a malicious Xen backend
to gain access to memory pages of a guest VM or cause a denial of service
in the guest. (CVE-2022-23036, CVE-2022-23037, CVE-2022-23038,
CVE-2022-23039, CVE-2022-23040, CVE-2022-23042)
It was discovered that the USB Gadget file system interface in the Linux
kernel contained a use-after-free vulnerability. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2022-24958)
It was discovered that the USB gadget subsystem in the Linux kernel did not
properly validate interface descriptor requests. An attacker could possibly
use this to cause a denial of service (system crash). (CVE-2022-25258)
It was discovered that the Remote NDIS (RNDIS) USB gadget implementation in
the Linux kernel did not properly validate the size of the RNDIS_MSG_SET
command. An attacker could possibly use this to expose sensitive
information (kernel memory). (CVE-2022-25375)
It was discovered that the ST21NFCA NFC driver in the Linux kernel did not
properly validate the size of certain data in EVT_TRANSACTION events. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-26490)
It was discovered that the USB SR9700 ethernet device driver for the Linux
kernel did not properly validate the length of requests from the device. A
physically proximate attacker could possibly use this to expose sensitive
information (kernel memory). (CVE-2022-26966)
It was discovered that the Xilinx USB2 device gadget driver in the Linux
kernel did not properly validate endpoint indices from the host. A
physically proximate attacker could possibly use this to cause a denial of
service (system crash). (CVE-2022-27223)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04
-
linux-image-4.15.0-1127-snapdragon
-
4.15.0-1127.136
-
linux-image-virtual
-
4.15.0.177.166
-
linux-image-aws-lts-18.04
-
4.15.0.1128.131
-
linux-image-generic
-
4.15.0.177.166
-
linux-image-4.15.0-1138-azure
-
4.15.0-1138.151
-
linux-image-oracle-lts-18.04
-
4.15.0.1093.103
-
linux-image-4.15.0-1114-kvm
-
4.15.0-1114.117
-
linux-image-4.15.0-1128-aws
-
4.15.0-1128.137
-
linux-image-snapdragon
-
4.15.0.1127.130
-
linux-image-azure-lts-18.04
-
4.15.0.1138.111
-
linux-image-4.15.0-177-generic-lpae
-
4.15.0-177.186
-
linux-image-4.15.0-1042-dell300x
-
4.15.0-1042.47
-
linux-image-dell300x
-
4.15.0.1042.44
-
linux-image-gcp-lts-18.04
-
4.15.0.1122.141
-
linux-image-4.15.0-1122-gcp
-
4.15.0-1122.136
-
linux-image-4.15.0-1093-oracle
-
4.15.0-1093.102
-
linux-image-kvm
-
4.15.0.1114.110
-
linux-image-4.15.0-177-generic
-
4.15.0-177.186
-
linux-image-generic-lpae
-
4.15.0.177.166
-
linux-image-4.15.0-177-lowlatency
-
4.15.0-177.186
-
linux-image-lowlatency
-
4.15.0.177.166
Ubuntu 16.04
-
linux-image-4.15.0-1138-azure
-
4.15.0-1138.151~16.04.1
Available with Ubuntu Pro
-
linux-image-lowlatency-hwe-16.04
-
4.15.0.177.169
Available with Ubuntu Pro
-
linux-image-oem
-
4.15.0.177.169
Available with Ubuntu Pro
-
linux-image-azure
-
4.15.0.1138.128
Available with Ubuntu Pro
-
linux-image-gke
-
4.15.0.1122.123
Available with Ubuntu Pro
-
linux-image-gcp
-
4.15.0.1122.123
Available with Ubuntu Pro
-
linux-image-aws-hwe
-
4.15.0.1128.118
Available with Ubuntu Pro
-
linux-image-generic-hwe-16.04
-
4.15.0.177.169
Available with Ubuntu Pro
-
linux-image-oracle
-
4.15.0.1093.81
Available with Ubuntu Pro
-
linux-image-4.15.0-1122-gcp
-
4.15.0-1122.136~16.04.1
Available with Ubuntu Pro
-
linux-image-virtual-hwe-16.04
-
4.15.0.177.169
Available with Ubuntu Pro
-
linux-image-4.15.0-1093-oracle
-
4.15.0-1093.102~16.04.1
Available with Ubuntu Pro
-
linux-image-4.15.0-177-generic
-
4.15.0-177.186~16.04.1
Available with Ubuntu Pro
-
linux-image-4.15.0-1128-aws-hwe
-
4.15.0-1128.137~16.04.1
Available with Ubuntu Pro
-
linux-image-4.15.0-177-lowlatency
-
4.15.0-177.186~16.04.1
Available with Ubuntu Pro
Ubuntu 14.04
-
linux-image-4.15.0-1138-azure
-
4.15.0-1138.151~14.04.1
Available with Ubuntu Pro
-
linux-image-azure
-
4.15.0.1138.110
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.